-<%= include( '/elements/header', 'Query Results',
- include( '/elements/menubar', 'Main Menu' => $p )
-%>
-<%= include( 'elements/search.html',
- 'name' => 'rows',
-
+<% include( 'elements/search.html',
+ 'title' => 'Query Results',
+ 'name' => 'rows',
+ 'query' => "SELECT $sql",
+ )
%>
+<%init>
+
+die "access denied"
+ unless $FS::CurrentUser::CurrentUser->access_right('Raw SQL');
+
+my $sql = $cgi->param('sql') or errorpage('Empty query');
+$sql =~ s/;+\s*$//; #remove trailing ;
+</%init>